Groups keyboard shortcuts have been updated
Dismiss
See shortcuts

Django 5.1 - LoginRequiredMiddleware

78 views
Skip to first unread message

אורי

unread,
Aug 6, 2024, 12:19:10 PM8/6/24
to Django developers (Contributions to Django itself)
Hi,

I read about LoginRequiredMiddleware in Django 5.1 release notes, where it's written "The new LoginRequiredMiddleware redirects all unauthenticated requests to a login page."

I wanted to check so I installed django-5.1rc1 and I checked static pages without login locally, and they work without change - I'm not redirected to login urls. What am I missing? Is this the expected behavior?

Thanks,
Uri.

Adam Johnson

unread,
Aug 6, 2024, 1:37:14 PM8/6/24
to django-d...@googlegroups.com
Did you add the middleware to the MIDDLEWARE setting?
--
You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-develop...@googlegroups.com.

אורי

unread,
Aug 6, 2024, 7:37:39 PM8/6/24
to django-d...@googlegroups.com
On Tue, Aug 6, 2024 at 8:37 PM 'Adam Johnson' via Django developers (Contributions to Django itself) <django-d...@googlegroups.com> wrote:
Did you add the middleware to the MIDDLEWARE setting?

No. I didn't see in the documentation of LoginRequiredMiddleware any MIDDLEWARE setting.



I thought that LoginRequiredMiddleware is always enabled in Django 5.1.
 

James Bennett

unread,
Aug 6, 2024, 8:17:15 PM8/6/24
to django-d...@googlegroups.com
On Tue, Aug 6, 2024 at 4:37 PM אורי <u...@speedy.net> wrote:
No. I didn't see in the documentation of LoginRequiredMiddleware any MIDDLEWARE setting.

The set of middlewares which will be turned on by default when generating a new project is documented:

Any middleware not listed there needs to be explicitly added to your project's MIDDLEWARE setting before it will have any effect.

I don't see anything in the documentation of LoginRequiredMiddleware which implies that it is enabled by default or will be turned on automatically by upgrading Django. And I think it's highly unlikely the LoginRequiredMiddleware would ever become a default-enabled middleware, since people would probably be upset about suddenly having their sites login-walled by a Django upgrade.


אורי

unread,
Aug 6, 2024, 8:29:39 PM8/6/24
to django-d...@googlegroups.com
OK, I understand. Thank you. I read the documentation but I misunderstood and thought that LoginRequiredMiddleware is enabled by default.

Uri.
 


--
You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-develop...@googlegroups.com.

Adam Johnson

unread,
Aug 7, 2024, 3:29:53 AM8/7/24
to אורי, django-d...@googlegroups.com
I’ve opened a PR for a small docs tweak that may help clarify the release note: https://github.com/django/django/pull/18455 .

אורי

unread,
Aug 7, 2024, 3:39:50 AM8/7/24
to Adam Johnson, django-d...@googlegroups.com
Thank you.

אורי

unread,
Aug 8, 2024, 10:38:35 PM8/8/24
to Adam Johnson, django-d...@googlegroups.com
Hi,

I read the updated Django 5.1 release notes and I think now it's more clear that LoginRequiredMiddleware is only enabled if we enable it, and is not enabled by default.

Thanks,
Uri.

Reply all
Reply to author
Forward
0 new messages